Build(deps): bump alloy-signer-local from 2.0.4 to 2.0.5

[dependabot]

Bumps alloy-signer-local from 2.0.4 to 2.0.5.

Release notes

Sourced from alloy-signer-local's releases.

v2.0.5

What's Changed

• perf(txpool): use split_once instead of collect::<Vec> in deserialization by @​DivooOliver in alloy-rs/alloy#3926
• fix(ci): stabilize main red tests by @​decofe in alloy-rs/alloy#3942
• Update version in README by @​DenisGorbachev in alloy-rs/alloy#3943
• chore(deps): bump foundry-rs/foundry-toolchain from 1.7.0 to 1.8.0 by @​dependabot[bot] in alloy-rs/alloy#3945
• fix: deduplicate AnyRpcTransaction conversion helpers by @​anim001k in alloy-rs/alloy#3947
• fix(provider): clean up failed impersonated sends by @​nivanovvv in alloy-rs/alloy#3944
• fix(eip1559): prevent divide-by-zero in next base fee calculation by @​mattsse in alloy-rs/alloy#3951
• perf(eips): optimize c-kzg byte conversions by @​DaniPopes in alloy-rs/alloy#3954
• feat(rpc-types-engine): add sealed block execution data conversions by @​mattsse in alloy-rs/alloy#3955
• chore(deps): bump taiki-e/install-action from 2.75.15 to 2.75.20 by @​dependabot[bot] in alloy-rs/alloy#3946
• fix(rpc-types-trace): default missing/null CallOutput.output to empty bytes by @​incrypto32 in alloy-rs/alloy#3931
• perf(rpc-types-trace): manually deserialize trace output by @​mattsse in alloy-rs/alloy#3957
• fix(signer-trezor): dispatch EIP-1559 by tx type by @​figtracer in alloy-rs/alloy#3958
• fix(transport): make retry queue count cancel-safe by @​nivanovvv in alloy-rs/alloy#3956
• fix(signer-trezor): reject unsupported tx types by @​figtracer in alloy-rs/alloy#3959
• feat(signer-tempo): add Tempo wallet keystore reader by @​stevencartavia in alloy-rs/alloy#3936
• docs(signer-tempo): add changelog by @​mattsse in alloy-rs/alloy#3962
• chore(deps): bump taiki-e/install-action from 2.75.20 to 2.75.27 by @​dependabot[bot] in alloy-rs/alloy#3964
• chore(deps): bump crate-ci/typos from 1.45.0 to 1.46.0 by @​dependabot[bot] in alloy-rs/alloy#3965
• feat(pubsub): typed terminal-error channel by @​figtracer in alloy-rs/alloy#3963
• feat(rpc-types-engine): add SSZ codecs for engine types by @​mattsse in alloy-rs/alloy#3970
• chore(eips): move blob cell mask before serde compat by @​mattsse in alloy-rs/alloy#3972
• docs(eips): document blob cell selection invariants by @​mattsse in alloy-rs/alloy#3973
• feat(eips): add EIP-7594 matching cell computation by @​mattsse in alloy-rs/alloy#3974
• fix(eips): avoid panic in 7594 match_versioned_hashes by @​serikssonn in alloy-rs/alloy#3975
• fix(consensus-any): saturate baseFeePerGas above u64::MAX on deser (#3741) by @​satyakwok in alloy-rs/alloy#3976
• fix(signer-ledger): reject invalid derivation paths by @​Elena343-ai in alloy-rs/alloy#3960
• feat(rpc-types-beacon): add builder validation request v6 by @​mattsse in alloy-rs/alloy#3981
• feat(rpc-types-engine): add payload attributes builders by @​mattsse in alloy-rs/alloy#3985
• fix(consensus): correct recovered transaction docs by @​Elena343-ai in alloy-rs/alloy#3984
• chore(deps): bump taiki-e/install-action from 2.75.27 to 2.77.1 by @​dependabot[bot] in alloy-rs/alloy#3991
• fix(network): preserve transaction request extra fields by @​jschnelder in alloy-rs/alloy#3989
• chore(deps): bump github/codeql-action from 4.35.2 to 4.35.4 by @​dependabot[bot] in alloy-rs/alloy#3990
• docs(node-bindings): clarify Reth genesis behavior by @​mattsse in alloy-rs/alloy#3994
• fix(ci): satisfy zepter secp256k1 propagation by @​mattsse in alloy-rs/alloy#3993
• docs(rpc-types-eth): correct sealed_header docs by @​Elena343-ai in alloy-rs/alloy#3995

New Contributors

• @​DenisGorbachev made their first contribution in alloy-rs/alloy#3943
• @​nivanovvv made their first contribution in alloy-rs/alloy#3944
• @​incrypto32 made their first contribution in alloy-rs/alloy#3931
• @​serikssonn made their first contribution in alloy-rs/alloy#3975
• @​satyakwok made their first contribution in alloy-rs/alloy#3976
• @​jschnelder made their first contribution in alloy-rs/alloy#3989

Full Changelog: alloy-rs/alloy@v2.0.4...v2.0.5

Changelog

Sourced from alloy-signer-local's changelog.

2.0.5 - 2026-05-18

Bug Fixes

• [ci] Satisfy zepter secp256k1 propagation (#3993)
• [network] Preserve transaction request extra fields
• [consensus] Correct recovered transaction docs (#3984)
• [signer-ledger] Reject invalid derivation paths (#3960)
• [consensus-any] Saturate baseFeePerGas above u64::MAX on deser (#3741) (#3976)
• [eips] Avoid panic in 7594 match_versioned_hashes (#3975)
• [signer-trezor] Reject unsupported tx types (#3959)
• [transport] Make retry queue count cancel-safe (#3956)
• [signer-trezor] Dispatch EIP-1559 by tx type (#3958)
• [rpc-types-trace] Default missing/null CallOutput.output to empty bytes (#3931)
• [eip1559] Prevent divide-by-zero in next base fee calculation
• [provider] Clean up failed impersonated sends (#3944)
• Deduplicate AnyRpcTransaction conversion helpers (#3947)
• [ci] Stabilize main red tests (#3942)

Dependencies

• [deps] Bump github/codeql-action from 4.35.2 to 4.35.4 (#3990)
• [deps] Bump taiki-e/install-action from 2.75.27 to 2.77.1
• [deps] Bump crate-ci/typos from 1.45.0 to 1.46.0 (#3965)
• [deps] Bump taiki-e/install-action from 2.75.20 to 2.75.27 (#3964)
• [deps] Bump taiki-e/install-action from 2.75.15 to 2.75.20 (#3946)
• [deps] Bump foundry-rs/foundry-toolchain from 1.7.0 to 1.8.0 (#3945)

Documentation

• [rpc-types-eth] Correct sealed_header docs (#3995)
• [node-bindings] Clarify Reth genesis behavior (#3994)
• [eips] Document blob cell selection invariants (#3973)
• [signer-tempo] Add changelog (#3962)

Features

• [rpc-types-engine] Add payload attributes builders (#3985)
• [rpc-types-beacon] Add builder validation request v6 (#3981)
• [eips] Add EIP-7594 matching cell computation (#3974)
• [rpc-types-engine] Add SSZ codecs for engine types (#3970)
• [pubsub] Typed terminal-error channel (#3963)
• [signer-tempo] Add Tempo wallet keystore reader (#3936)
• [rpc-types-engine] Add sealed block execution data conversions (#3955)

Miscellaneous Tasks

• Release 2.0.5
• Release 2.0.5
• Release 2.0.5

... (truncated)

Commits

• 653989f chore: release 2.0.5
• ee8c72f chore: release 2.0.5
• a90ea92 chore: release 2.0.5
• 51090d3 chore: release 2.0.5
• 2d3a3fb docs(rpc-types-eth): correct sealed_header docs (#3995)
• a019321 fix(ci): satisfy zepter secp256k1 propagation (#3993)
• a51afc1 docs(node-bindings): clarify Reth genesis behavior (#3994)
• 2aa6712 chore(deps): bump github/codeql-action from 4.35.2 to 4.35.4 (#3990)
• f97b3cb fix(network): preserve transaction request extra fields
• 51cb51d chore(deps): bump taiki-e/install-action from 2.75.27 to 2.77.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	hyperliquid-feedback	12757fe	May 21 2026, 07:17 PM

[kilo-code-bot]

Code Review Summary

Status: No Blocking Issues | Recommendation: Merge

Overview

Severity	Count
CRITICAL	0
WARNING	0
SUGGESTION	1

Issue Details (click to expand)

SUGGESTION

File	Line	Issue
Cargo.toml	29	alloy pinned to 2.0.4 while alloy-signer-local is now 2.0.5 — consider bumping to "2.0" or "2.0.5" for consistency so Dependabot doesn't fragment the alloy ecosystem versions further

Other Observations (not in diff)

File	Line	Issue
Cargo.lock	—	Lockfile now carries duplicate crate versions: secp256k1 (0.30.0 + 0.31.1), sha3 (0.10.9 + 0.11.0), keccak (0.1.6 + 0.2.0). This increases compile time and binary size but is not a correctness issue. Bumping alloy to 2.0.5 may reduce some duplication.

Review Notes

• CI Status: All Rust quality gates pass (build, test, clippy, fmt). Cargo audit also passes.
• Upstream fixes in 2.0.5: EIP-1559 divide-by-zero prevention, panic fix in 7594 match_versioned_hashes, invalid Ledger derivation path rejection — all positive improvements.
• Lockfile analysis: The bump pulls transitive alloy-* sub-crates (consensus, eips, network, serde, etc.) from 2.0.4 to 2.0.5 and alloy-primitives/alloy-sol-types from 1.5.7 to 1.6.0. Since CI passes, these minor bumps are compatible.
• No inline comments — the only changed line in Cargo.toml (line 23) is the version bump itself, which is correct. The alloy version inconsistency at line 29 is outside the diff.

Files Reviewed (2 files)

• Cargo.toml — 1 suggestion (outside diff)
• Cargo.lock — auto-generated, verified consistent

Fix these issues in Kilo Cloud

---

_{Reviewed by glm-5.1 · 256,267 tokens}